Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: 5hnfIaXGqxaJtwyA4jOI2Cj0yn0aSv1wsQnaF+KJcIM=
Subject key identifier: 4F:B8:99:D2:97:BC:29:0E:8B:DA:20:F5:BD:41:D5:2E:97:B5:93:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C7C5E42A8C4CEA3FF0C7175E36243721BB21368
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Tue 01 Jul 2025 15:00:49 +0000
ROA not before: Tue 01 Jul 2025 15:00:49 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7c:5e:42:a8:c4:ce:a3:ff:0c:71:75:e3:62:43:72:1b:b2:13:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:49 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=5e5a681446e9f90aac25aac84b0ded1f42f3da36fbc436a7a0d26d6296bb2d84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:ab:d3:ac:49:64:0c:77:c2:1d:92:51:95:
61:b5:0c:e4:e5:13:6c:0d:b0:6a:dd:69:32:34:ac:
f5:07:67:9f:fa:e5:2a:82:3b:1b:01:58:03:52:b3:
7a:b1:14:16:16:ea:55:13:6a:b9:cd:15:4b:3e:c2:
d6:09:8f:07:bd:f7:ef:a3:78:1c:30:23:c0:72:d1:
f6:f3:40:4d:f5:55:8f:56:3a:61:02:9f:c9:d8:dc:
4d:13:d6:62:d3:c3:f1:ad:46:9e:30:0d:2f:28:d9:
ee:fb:a7:e5:ba:fd:ab:a0:17:eb:1f:cf:af:db:c6:
0f:d1:d8:16:7f:fa:06:a4:22:c4:99:2e:ef:2b:12:
f3:6e:45:fd:16:af:34:e1:0e:32:dc:27:20:8d:70:
16:ab:a6:e8:25:3c:61:2d:d0:7e:c4:87:9b:41:96:
8c:51:cb:78:5c:fc:6d:b5:d7:41:ba:da:d8:ce:d3:
24:27:98:ff:6a:da:e3:83:52:46:10:fe:66:61:94:
5c:4d:8e:b2:75:43:c1:c9:07:46:6f:bb:8d:11:bc:
28:e7:4d:1c:3e:80:ef:10:7c:36:00:0b:a5:82:da:
a4:d1:15:e9:c1:13:9d:ee:cc:e2:cb:ab:07:9f:d3:
94:62:1e:d1:66:d5:02:79:e2:94:5a:da:da:01:b2:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B8:99:D2:97:BC:29:0E:8B:DA:20:F5:BD:41:D5:2E:97:B5:93:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:b7:92:4b:af:89:b1:0f:eb:e3:42:82:a4:2e:dd:65:05:e5:
74:0b:0e:c2:b8:f0:10:28:5e:36:ed:e6:1f:03:86:08:77:58:
e9:cc:e0:1f:ec:58:b1:02:58:ba:a2:47:20:53:53:4b:85:3f:
ce:ae:ed:56:3f:27:b4:3c:d9:e3:dd:f2:d4:aa:d5:3b:79:b7:
0b:8e:61:f5:5e:a8:52:32:b7:93:75:3a:05:8f:0b:ca:3b:46:
14:c9:46:37:6f:25:63:17:b0:a7:3f:1a:21:3b:cf:da:49:1a:
b8:2c:9a:b3:98:ba:39:81:b4:01:e9:6e:ef:5f:03:16:2a:3a:
85:1c:31:2c:a8:7f:bc:3f:da:75:8d:8b:a1:92:48:e6:fa:a2:
ec:c3:21:d6:1c:c2:5c:e7:b7:54:80:da:a6:64:ac:29:03:52:
df:e1:07:b8:f5:96:9a:63:f5:18:08:50:62:00:a0:a6:59:8c:
20:c9:43:9f:68:b9:bb:30:74:19:56:e8:b6:63:3a:a4:3a:79:
2f:ba:32:3c:79:9a:43:ad:77:45:bd:01:2e:00:cc:c8:a2:4b:
22:38:c5:c5:e6:2b:20:81:f8:57:30:60:9e:6c:df:fa:1c:e1:
57:f7:15:52:a5:e4:4b:cb:a9:fe:85:8f:6e:7a:dc:b4:8f:4b:
4b:3d:99:11
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHHxeQqjEzqP/DHF142JDchuyE2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwNDlaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlNWE2ODE0NDZlOWY5MGFhYzI1YWFjODRiMGRlZDFmNDJmM2RhMzZmYmM0
MzZhN2EwZDI2ZDYyOTZiYjJkODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVeq9OsSWQMd8IdklGVYbUM5OUTbA2wat1pMjSs9Qdnn/rlKoI7GwFYA1Kz
erEUFhbqVRNquc0VSz7C1gmPB73376N4HDAjwHLR9vNATfVVj1Y6YQKfydjcTRPW
YtPD8a1GnjANLyjZ7vun5br9q6AX6x/Pr9vGD9HYFn/6BqQixJku7ysS825F/Rav
NOEOMtwnII1wFqum6CU8YS3QfsSHm0GWjFHLeFz8bbXXQbra2M7TJCeY/2ra44NS
RhD+ZmGUXE2OsnVDwckHRm+7jRG8KOdNHD6A7xB8NgALpYLapNEV6cETne7M4sur
B5/TlGIe0WbVAnnilFra2gGywrsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRPuJnS
l7wpDovaIPW9QdUul7WTCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAO7eSS6+JsQ/r40KCpC7dZQXldAsOwrjwECheNu3m
HwOGCHdY6czgH+xYsQJYuqJHIFNTS4U/zq7tVj8ntDzZ493y1KrVO3m3C45h9V6o
UjK3k3U6BY8LyjtGFMlGN28lYxewpz8aITvP2kkauCyas5i6OYG0Aelu718DFio6
hRwxLKh/vD/adY2LoZJI5vqi7MMh1hzCXOe3VIDapmSsKQNS3+EHuPWWmmP1GAhQ
YgCgplmMIMlDn2i5uzB0GVbotmM6pDp5L7oyPHmaQ613Rb0BLgDMyKJLIjjFxeYr
IIH4VzBgnmzf+hzhV/cVUqXkS8up/oWPbnrctI9LSz2ZEQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:05 2025 by rpki-client